fix: Squash commit of several fixes and features for many different elements

2025-10-29 18:12:44 -05:00
parent 562d8c96fd
commit ae73f9ca55
32 changed files with 3149 additions and 2057 deletions
--- a/src/backend/ssh/terminal.ts
+++ b/src/backend/ssh/terminal.ts
@@ -870,40 +870,44 @@ wss.on("connection", async (ws: WebSocket, req) => {
      },
      algorithms: {
        kex: [
+          "curve25519-sha256",
+          "curve25519-sha256@libssh.org",
+          "ecdh-sha2-nistp521",
+          "ecdh-sha2-nistp384",
+          "ecdh-sha2-nistp256",
+          "diffie-hellman-group-exchange-sha256",
          "diffie-hellman-group14-sha256",
          "diffie-hellman-group14-sha1",
-          "diffie-hellman-group1-sha1",
-          "diffie-hellman-group-exchange-sha256",
          "diffie-hellman-group-exchange-sha1",
-          "ecdh-sha2-nistp256",
-          "ecdh-sha2-nistp384",
-          "ecdh-sha2-nistp521",
-        ],
-        cipher: [
-          "aes128-ctr",
-          "aes192-ctr",
-          "aes256-ctr",
-          "aes128-gcm@openssh.com",
-          "aes256-gcm@openssh.com",
-          "aes128-cbc",
-          "aes192-cbc",
-          "aes256-cbc",
-          "3des-cbc",
+          "diffie-hellman-group1-sha1",
        ],
        serverHostKey: [
-          "ssh-rsa",
-          "rsa-sha2-256",
-          "rsa-sha2-512",
-          "ecdsa-sha2-nistp256",
-          "ecdsa-sha2-nistp384",
-          "ecdsa-sha2-nistp521",
          "ssh-ed25519",
+          "ecdsa-sha2-nistp521",
+          "ecdsa-sha2-nistp384",
+          "ecdsa-sha2-nistp256",
+          "rsa-sha2-512",
+          "rsa-sha2-256",
+          "ssh-rsa",
+          "ssh-dss",
+        ],
+        cipher: [
+          "chacha20-poly1305@openssh.com",
+          "aes256-gcm@openssh.com",
+          "aes128-gcm@openssh.com",
+          "aes256-ctr",
+          "aes192-ctr",
+          "aes128-ctr",
+          "aes256-cbc",
+          "aes192-cbc",
+          "aes128-cbc",
+          "3des-cbc",
        ],
        hmac: [
-          "hmac-sha2-256-etm@openssh.com",
          "hmac-sha2-512-etm@openssh.com",
-          "hmac-sha2-256",
+          "hmac-sha2-256-etm@openssh.com",
          "hmac-sha2-512",
+          "hmac-sha2-256",
          "hmac-sha1",
          "hmac-md5",
        ],
@@ -913,6 +917,21 @@ wss.on("connection", async (ws: WebSocket, req) => {

    if (resolvedCredentials.authType === "none") {
      // Don't set password in config - rely on keyboard-interactive
+    } else if (resolvedCredentials.authType === "password") {
+      if (!resolvedCredentials.password) {
+        sshLogger.error(
+          "Password authentication requested but no password provided",
+        );
+        ws.send(
+          JSON.stringify({
+            type: "error",
+            message:
+              "Password authentication requested but no password provided",
+          }),
+        );
+        return;
+      }
+      connectConfig.password = resolvedCredentials.password;
    } else if (
      resolvedCredentials.authType === "key" &&
      resolvedCredentials.key
@@ -954,20 +973,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
        }),
      );
      return;
-    } else if (resolvedCredentials.authType === "password") {
-      if (!resolvedCredentials.password) {
-        sshLogger.error(
-          "Password authentication requested but no password provided",
-        );
-        ws.send(
-          JSON.stringify({
-            type: "error",
-            message:
-              "Password authentication requested but no password provided",
-          }),
-        );
-        return;
-      }
    } else {
      sshLogger.error("No valid authentication method provided");
      ws.send(